Circle of Health Based Access Control for Personal Health Information Systems

  • Conference paper
Graphical Models for Security (GraMSec 2017)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 10744)

Abstract

Patients can track, manage, and share their personal health information (PHI). There are security concerns with the ownership and custodianship of PHI. Traditional provider-facing access control (AC) policies have been applied to many patient-facing applications without consideration as to whether these controls are comprehensible and sufficient. We have conducted a scoping literature review on AC and patient privacy (n = 31) to identify the state of knowledge and to understand what is being done to address this gap. Synthesizing the results, we propose Circle of Health Based AC, a graphical patient-centric AC model. The model has been validated with a panel of user experience, healthcare, and security experts. This work will discuss the scoping literature review and describe the proposed model and the justification for its application to user-defined access policy.

Author information

Correspondence to Ryan Habibi.

Copyright information

© 2018 Springer International Publishing AG

About this paper

Cite this paper

Habibi, R., Weber, J., Price, M. (2018). Circle of Health Based Access Control for Personal Health Information Systems. In: Liu, P., Mauw, S., Stolen, K. (eds) Graphical Models for Security. GraMSec 2017. Lecture Notes in Computer Science, vol 10744. Springer, Cham. https://doi.org/10.1007/978-3-319-74860-3_8

  • DOI: https://doi.org/10.1007/978-3-319-74860-3_8

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-74859-7

  • Online ISBN: 978-3-319-74860-3

  • eBook Packages: Computer Science (R0)
